Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-30272

[enterprise-4.15] Issue in file authentication/identity_providers/configuring-htpasswd-identity-provider.adoc

XMLWordPrintable

    • No
    • 3
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

      Description of problem:

      Cannot log in to cluster using example from documentation

      Version-Release number of selected component (if applicable):

      4.14.11

      How reproducible:

      Always?

      Steps to Reproduce:

          1. Follow example[0]
          2. Attempt login to cluster UI console (http(s)) or API (oc login)
          3. Fail
          

      Actual results:

      Identity provider example does not satisfy authentication requirements for logging into console UI and/or API

      Expected results:

      Identity provider example satisfies authentication requirements for logging into console UI and/or API

      Additional info:

      I was not able to log in with the example as described in the docs. Some troubleshooting led me to a kb article[1] that describes the use of additional parameters:
      
          challenge: true
          login: true
      
      Adding these to the oauth/cluster CR enabled the htpasswd identity provider to work. This may be by design since not all users may be allowed to log in. If that is the case, supporting notes of what to expect and exactly what this example enables (or does not explicitly allow: logging in via UI console and/or API) would be appropriate. 
      
      Additionally, there is no documentation on these two parameters (or any other parameters for the htpasswd identityProviders) in the API documentation via `oc explain oauth.spec [...]`. It came down to spending time searching with Google etc.
      
      
      
      
      
      [0] https://docs.openshift.com/container-platform/4.15/authentication/identity_providers/configuring-htpasswd-identity-provider.html#identity-provider-htpasswd-CR_configuring-htpasswd-identity-provider
      [1] https://access.redhat.com/solutions/4039941

              rhn-support-cbippley Courtney Bippley
              rhn-engineering-dtrainor Dan Trainor
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: